package cn.tools.antiSamy.filter;


import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;

/**
 * @author: e
 * @date: 2021/12/8
 * @description: 过滤器配置，所有传输至服务层的数据都进行过滤
 */

//继承Filter过滤器，实现其方法
public class XSSFilter implements Filter {


    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {

        //将传入进来的请求强转为HttpServletRequest
        HttpServletRequest request = (HttpServletRequest)servletRequest;

        //然后将请求放入我们刚刚写的XssRequestWrapper方法中，将请求中的数据进行一次过滤，然后再进行放行，doFilter就是放行
        filterChain.doFilter(new XssRequestWrapper(request),servletResponse);
    }
}
